diff --git a/orchestra/contrib/history/admin.py b/orchestra/contrib/history/admin.py
index ebd80e46..bc32e734 100644
--- a/orchestra/contrib/history/admin.py
+++ b/orchestra/contrib/history/admin.py
@@ -1,12 +1,14 @@
from django.contrib import admin
-from django.utils.translation import ugettext_lazy as _
-from django.urls import reverse, NoReverseMatch
-from django.contrib.admin.templatetags.admin_urls import add_preserved_filters
-from django.http import HttpResponseRedirect
-from django.contrib.admin.utils import unquote
from django.contrib.admin.templatetags.admin_static import static
+from django.contrib.admin.templatetags.admin_urls import add_preserved_filters
+from django.contrib.admin.utils import unquote
+from django.http import HttpResponseRedirect
+from django.urls import NoReverseMatch, reverse
+from django.utils.html import format_html
+from django.utils.safestring import mark_safe
+from django.utils.translation import ugettext_lazy as _
-from orchestra.admin.utils import admin_link, admin_date
+from orchestra.admin.utils import admin_date, admin_link
class LogEntryAdmin(admin.ModelAdmin):
@@ -34,11 +36,12 @@ class LogEntryAdmin(admin.ModelAdmin):
user_link = admin_link('user')
display_action_time = admin_date('action_time', short_description=_("Time"))
+ @mark_safe
def display_message(self, log):
- edit = 's)
' % {
+ edit = format_html('
', **{
'url': reverse('admin:admin_logentry_change', args=(log.pk,)),
'img': static('admin/img/icon-changelink.svg'),
- }
+ })
if log.is_addition():
return _('Added "%(link)s". %(edit)s') % {
'link': self.content_object_link(log),
@@ -57,7 +60,6 @@ class LogEntryAdmin(admin.ModelAdmin):
}
display_message.short_description = _("Message")
display_message.admin_order_field = 'action_flag'
- display_message.allow_tags = True
def display_action(self, log):
if log.is_addition():
@@ -75,10 +77,9 @@ class LogEntryAdmin(admin.ModelAdmin):
url = reverse(view, args=(log.object_id,))
except NoReverseMatch:
return log.object_repr
- return '%s' % (url, log.object_repr)
+ return format_html('{}', url, log.object_repr)
content_object_link.short_description = _("Content object")
content_object_link.admin_order_field = 'object_repr'
- content_object_link.allow_tags = True
def render_change_form(self, request, context, add=False, change=False, form_url='', obj=None):
""" Add rel_opts and object to context """
diff --git a/orchestra/contrib/orchestration/admin.py b/orchestra/contrib/orchestration/admin.py
index a5ddcb08..4f5ddc4b 100644
--- a/orchestra/contrib/orchestration/admin.py
+++ b/orchestra/contrib/orchestration/admin.py
@@ -51,19 +51,18 @@ class RouteAdmin(ExtendedModelAdmin):
def display_model(self, route):
try:
- return escape(route.backend_class.model)
+ return route.backend_class.model
except KeyError:
- return "NOT AVAILABLE"
+ return mark_safe("NOT AVAILABLE")
display_model.short_description = _("model")
- display_model.allow_tags = True
+ @mark_safe
def display_actions(self, route):
try:
return '
'.join(route.backend_class.get_actions())
except KeyError:
return "NOT AVAILABLE"
display_actions.short_description = _("actions")
- display_actions.allow_tags = True
def formfield_for_dbfield(self, db_field, **kwargs):
""" Provides dynamic help text on backend form field """
@@ -120,7 +119,6 @@ class BackendOperationInline(admin.TabularInline):
return _("Deleted {0}").format(operation.instance_repr or '-'.join(
(escape(operation.content_type), escape(operation.object_id))))
return link
- instance_link.allow_tags = True
instance_link.short_description = _("Instance")
def has_add_permission(self, *args, **kwargs):
@@ -181,12 +179,10 @@ class ServerAdmin(ExtendedModelAdmin):
def display_ping(self, instance):
return mark_safe(self._remote_state[instance.pk][0])
display_ping.short_description = _("Ping")
- display_ping.allow_tags = True
def display_uptime(self, instance):
return mark_safe(self._remote_state[instance.pk][1])
display_uptime.short_description = _("Uptime")
- display_uptime.allow_tags = True
def get_queryset(self, request):
""" Order by structured name and imporve performance """
diff --git a/orchestra/contrib/resources/admin.py b/orchestra/contrib/resources/admin.py
index f758851e..b965c4ee 100644
--- a/orchestra/contrib/resources/admin.py
+++ b/orchestra/contrib/resources/admin.py
@@ -11,6 +11,7 @@ from django.db.models import Q
from django.shortcuts import redirect
from django.templatetags.static import static
from django.utils.functional import cached_property
+from django.utils.html import format_html
from django.utils.safestring import mark_safe
from django.utils.translation import ungettext, ugettext_lazy as _
@@ -105,10 +106,9 @@ class ResourceAdmin(ExtendedModelAdmin):
def content_object_link(data):
ct = data.content_type
url = reverse('admin:%s_%s_change' % (ct.app_label, ct.model), args=(data.object_id,))
- return '%s' % (url, data.content_object_repr)
+ return format_html('{}', url, data.content_object_repr)
content_object_link.short_description = _("Content object")
content_object_link.admin_order_field = 'content_object_repr'
-content_object_link.allow_tags = True
class ResourceDataAdmin(ExtendedModelAdmin):
@@ -155,10 +155,9 @@ class ResourceDataAdmin(ExtendedModelAdmin):
if rdata.used is None:
return ''
url = reverse('admin:resources_resourcedata_used_monitordata', args=(rdata.pk,))
- return '%s %s' % (url, rdata.used, rdata.unit)
+ return format_html('{} {}', url, rdata.used, rdata.unit)
display_used.short_description = _("Used")
display_used.admin_order_field = 'used'
- display_used.allow_tags = True
def has_add_permission(self, *args, **kwargs):
return False
@@ -304,6 +303,7 @@ def resource_inline_factory(resources):
self.verbose_name_plural = mark_safe(_("Resources") + ' ' + link)
return super(ResourceInline, self).get_fieldsets(request, obj)
+ @mark_safe
def display_used(self, rdata):
update = ''
history = ''
@@ -329,7 +329,6 @@ def resource_inline_factory(resources):
return _("Unknonw %s %s") % (update, history)
return _("No monitor")
display_used.short_description = _("Used")
- display_used.allow_tags = True
def has_add_permission(self, *args, **kwargs):
""" Hidde add another """